* Modules/pyexpat.c: Disallow collection of in-use parent parsers.
Within libexpat, a parser created via `XML_ExternalEntityParserCreate`
is relying on its parent parser throughout its entire lifetime.
Prior to this fix, is was possible for the parent parser to be
garbage-collected too early.
Expose the XML Expat 2.7.2 APIs to tune protections against
"billion laughs" [1] attacks.
The exposed APIs are available on Expat parsers, that is,
parsers created by `xml.parsers.expat.ParserCreate()`, as:
- `parser.SetBillionLaughsAttackProtectionActivationThreshold(threshold)`, and
- `parser.SetBillionLaughsAttackProtectionMaximumAmplification(max_factor)`.
This completes the work in f04bea44c3,
and improves the existing related documentation.
[1]: https://en.wikipedia.org/wiki/Billion_laughs_attack
Expose the XML Expat 2.7.2 mitigation APIs to disallow use of
disproportional amounts of dynamic memory from within an Expat
parser (see CVE-2025-59375 for instance).
The exposed APIs are available on Expat parsers, that is,
parsers created by `xml.parsers.expat.ParserCreate()`, as:
- `parser.SetAllocTrackerActivationThreshold(threshold)`, and
- `parser.SetAllocTrackerMaximumAmplification(max_factor)`.
Allow controlling Expat >=2.6.0 reparse deferral (CVE-2023-52425) by adding five new methods:
- `xml.etree.ElementTree.XMLParser.flush`
- `xml.etree.ElementTree.XMLPullParser.flush`
- `xml.parsers.expat.xmlparser.GetReparseDeferralEnabled`
- `xml.parsers.expat.xmlparser.SetReparseDeferralEnabled`
- `xml.sax.expatreader.ExpatParser.flush`
Based on the "flush" idea from https://github.com/python/cpython/pull/115138#issuecomment-1932444270 .
### Notes
- Please treat as a security fix related to CVE-2023-52425.
Includes code suggested-by: Snild Dolkow <snild@sony.com>
and by core dev Serhiy Storchaka.
Fix test_pyexpat.test_exception(): it can now be run from a directory
different than Python source code directory. Before, the test failed
in this case.
Skip the test if Modules/pyexpat.c source is not available. Skip also
the test on Python implementations other than CPython.
to parse more than one XML document per pyexpat xmlparser instance.
(Original patches by Hirokazu Yamamoto and Amaury Forgeot d'Arc, with
suggested wording by David Gutteridge)
I have compared output between pre- and post-patch runs of these tests
to make sure there's nothing missing and nothing broken, on both
Windows and Linux. The only differences I found were actually tests
that were previously *not* run.
svn+ssh://pythondev@svn.python.org/python/trunk
........
r77697 | ezio.melotti | 2010-01-22 18:58:28 +0200 (Fri, 22 Jan 2010) | 1 line
This should fix the failure introduced in r77680. The error message is now different and it caused the test to fail. The failing test is not present in 2.5 so it is failing only on 2.6 and newer versions.
........
The repr() of a string now contains printable Unicode characters unescaped.
The new ascii() builtin can be used to get a repr() with only ASCII characters in it.
PEP and patch were written by Atsuo Ishimoto.
svn+ssh://pythondev@svn.python.org/python/trunk
........
r59844 | raymond.hettinger | 2008-01-07 21:56:05 +0100 (Mon, 07 Jan 2008) | 1 line
Use get() instead of pop() for the optimized version of _replace().
........
r59847 | raymond.hettinger | 2008-01-07 22:33:51 +0100 (Mon, 07 Jan 2008) | 1 line
Documentation nits.
........
r59849 | raymond.hettinger | 2008-01-08 03:02:05 +0100 (Tue, 08 Jan 2008) | 1 line
Expand comment.
........
r59850 | raymond.hettinger | 2008-01-08 03:24:15 +0100 (Tue, 08 Jan 2008) | 1 line
Docs on named tuple's naming conventions and limits of subclassing
........
r59851 | christian.heimes | 2008-01-08 04:40:04 +0100 (Tue, 08 Jan 2008) | 1 line
It's verbose, not debug
........
r59852 | facundo.batista | 2008-01-08 13:25:20 +0100 (Tue, 08 Jan 2008) | 4 lines
Issue #1757: The hash of a Decimal instance is no longer affected
by the current context. Thanks Mark Dickinson.
........
r59853 | andrew.kuchling | 2008-01-08 15:30:55 +0100 (Tue, 08 Jan 2008) | 1 line
Patch 1137: allow assigning to .buffer_size attribute of PyExpat.parser objects
........
r59854 | andrew.kuchling | 2008-01-08 15:56:02 +0100 (Tue, 08 Jan 2008) | 1 line
Patch 1114: fix compilation of curses module on 64-bit AIX, and any other LP64 platforms where attr_t isn't a C long
........
r59856 | thomas.heller | 2008-01-08 16:15:09 +0100 (Tue, 08 Jan 2008) | 5 lines
Use relative instead of absolute filenames in the C-level tracebacks.
This prevents traceback prints pointing to files in this way:
File "\loewis\25\python\Modules\_ctypes\callbacks.c", line 206, in 'calling callback function'
........
r59857 | christian.heimes | 2008-01-08 16:46:10 +0100 (Tue, 08 Jan 2008) | 2 lines
Added __enter__ and __exit__ functions to HKEY object
Added ExpandEnvironmentStrings to the _winreg module.
........
r59858 | georg.brandl | 2008-01-08 17:18:26 +0100 (Tue, 08 Jan 2008) | 2 lines
Fix markup errors from r59857 and clarify key.__enter__/__exit__ docs
........
r59860 | georg.brandl | 2008-01-08 20:42:30 +0100 (Tue, 08 Jan 2008) | 2 lines
Better method for associating .py files with the interpreter.
........
r59862 | facundo.batista | 2008-01-08 22:10:12 +0100 (Tue, 08 Jan 2008) | 9 lines
Issue 846388. Adds a call to PyErr_CheckSignals to
SRE_MATCH so that signal handlers can be invoked during
long regular expression matches. It also adds a new
error return value indicating that an exception
occurred in a signal handler during the match, allowing
exceptions in the signal handler to propagate up to the
main loop. Thanks Josh Hoyt and Ralf Schmitt.
........
